REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
70
sp1d3rs
52
bigbear_
38
bl4de
37
guido
37
isox
36
edio
34
4lemon
34
geeknik
33
jobert
33
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
PHP (IBB)
disclosed a bug submitted by
geeknik
heap-buffer-overflow (READ of size 48) in exif_read_data()
01 Sep 2018
concrete5
disclosed a bug submitted by
gamliel
Stored XSS on Add Calendar
01 Sep 2018
concrete5
disclosed a bug submitted by
gamliel
Stored XSS on Add Event in Calendar
01 Sep 2018
Khan Academy
disclosed a bug submitted by
cyberdolt
Possible Subdomain Takeover
31 Aug 2018
Reverb.com
disclosed a bug submitted by
nadino
Items bought for free due to lacks of quantity controls
31 Aug 2018
WordPress
disclosed a bug submitted by
zee_shan
[mercantile.wordpress.org] Reflected XSS
30 Aug 2018
Node.js third-party modules
disclosed a bug submitted by
n0n4me
[simplehttpserver] List any file in the folder by using path traversal.
30 Aug 2018
Eobot
disclosed a bug submitted by
r1chard
XSS on link in eobot account page
30 Aug 2018
New Relic
disclosed a bug submitted by
fbogner
Insecure Infrastructure Integrations YML Loading leads to Windows Privilege Escalation
29 Aug 2018
WordPress
disclosed a bug submitted by
b258ea62bf297b02afa9854
Arbitrary file deletion in wp-core - guides towards RCE and information disclosure
29 Aug 2018
Valve
disclosed a bug submitted by
yalter
Buffer overflows in demo parsing
28 Aug 2018
Valve
disclosed a bug submitted by
chippy
Malformed Skybox .TGA in Half-Life (GoldSRC) leads to Access Violation
28 Aug 2018
Rocket.Chat
disclosed a bug submitted by
edoverflow
Remote code execution by hijacking an unclaimed S3 bucket in Rocket.Chat's installation script.
28 Aug 2018
Weblate
disclosed a bug submitted by
mur90210
Audit log validation
28 Aug 2018
Weblate
disclosed a bug submitted by
japz
Insecure Account Removal #2
28 Aug 2018
Uber
disclosed a bug submitted by
peuch
Information Leakage - GitHub - VCenter configuration scripts, StorMagic usernames and password along with default ESXi root password
27 Aug 2018
Uber
disclosed a bug submitted by
peuch
Information Leak - GitHub - Endpoint Configuration Details
27 Aug 2018
Weblate
disclosed a bug submitted by
footstep
Account Restore / Reactivating an old email via old reset link
27 Aug 2018
Weblate
disclosed a bug submitted by
footstep
Running 2 accounts with a single email #3
27 Aug 2018
disclosed a bug submitted by
michiel
Remote Code Execution on Proxy Service (as root)
27 Aug 2018
1
...
3
4
5
6
7
...
299
BY DENIS WERNER - @NOBBD -
IMPRESSUM
